11. Protection from Web Scraping
[Diagram labels: Remote users; Automated scraper; Dublin Datacenter; Frankfurt Datacenter; IT Staff; Web Domino Network; BIG-IP 8900 and BIG-IP 6900 (LTM/ASM)]
Detect requests and determine web site is being scraped
Legitimate users see inventory while scrapers are remediated
Comprehensive reporting on scraping attacks
Solution:
Protects valuable intellectual property
Prices are controlled and users see airline approved inventory
Integrated scrape reporting for PCI compliance
Avoid litigation, drastically reducing legal costs
20. F5 – A Better Solution For Web Security
Best WAF with protection from Web Scraping (ASM)
Best WAF to assist administrators in understanding security threats (ASM: Attack Expert)
Simplified PCI Reporting (ASM)
Only GSLB with DNSSEC (GTM)
Editor's Notes
At http://www.wilmerhale.com/publications/whPubsDetail.aspx?publication=1948 you can find public information on American Airlines, eBay and others who were involved in legal proceedings against scrapers.
Ryanair – Stolen data, litigation costs, decreasing revenue
Wins injunction against Vtours GmbH
Forbids screen-scraping as commercial use*
Ryanair sent cease and desist letters to 300 sites
http://www.theregister.co.uk/2008/06/25/easyjet_warns_expedia/
*http://www.theregister.co.uk/2008/07/11/ryanair_screen_scraping_victory/
**http://www.theregister.co.uk/2008/06/27/easyjet_travel_sites_warned/
http://news.idg.no/cw/art.cfm?id=08DFD829-1A64-67EA-E4996B477BBCB6D3
What I discovered is that our Web sites are being "scraped" by other companies -- our competitors! Some of the information on our sites is valuable intellectual property. It is provided online, in a restricted manner (passwords and such), to our customers. Such restrictions aren't very difficult to overcome for the Web crawlers that our competitors are using, because webmasters usually don't know much about security. They make a token attempt to put passwords and restrictions on sensitive files, but they often don't do a very good job.
Online dictionary for help. Network guy challenged with application security and now has violation and attack type description. Attack expert system provides knowledge, testing and reporting of attacks and policies:
Attack profiles – Every attack is now explained, every violation includes detailed description of the exact check that ASM performs
Staging – policies are staged so tightening changes are made before enforcement
Superior reporting – detailed review of vulnerabilities allowing for fast mitigation and easy management
Competition has beaten us up in the past, but we have consolidated with PCI reports. With new PCI reporting, BIG-IP ASM details the security measures required by PCI DSS 1.2, whether you are in compliance and, if not, the steps required to become compliant.
A typical DNS request goes through a recursive set of public DNS servers to resolve the domain name. In this case I’m looking to connect to www.example.com. But one of these DNS servers has been compromised through cache poisoning. Cache poisoning occurs when a resolver or recursive DNS server queries another server in an effort to answer a query, and an attacker spoofs the query response to the resolver or recursive server. This can occur when the attacker impersonates the queried server by using an appropriate DNS message. In the case of the recursive server receiving such an answer, it not only supplies the resolver with the falsified information, it caches the information such that future queries, at least during the valid time interval of the answer, are answered with the same falsified information.
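The acceptance and caching behaviour described above, as an added example that is not part of the original deck: a toy model of a recursive server that matches replies to its outstanding query by source address, transaction ID and port, caches an accepted answer for its TTL, and counts mismatched replies as a spoofing indicator. The class names, the alert threshold and all names and addresses are assumptions constructed for the illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Pending:
    server: str        # address the query was sent to
    txid: int          # 16-bit DNS transaction ID
    sport: int         # UDP source port the query left from
    rejected: int = 0  # replies that failed to match this query

@dataclass
class Resolver:
    alert_after: int = 3  # assumed threshold, not a value from the page
    pending: dict = field(default_factory=dict)  # qname -> Pending
    cache: dict = field(default_factory=dict)    # qname -> (address, expiry)
    alerts: list = field(default_factory=list)   # names with suspicious reply bursts

    def send_query(self, qname, server, txid, sport):
        self.pending[qname] = Pending(server, txid, sport)

    def on_response(self, now, qname, src, txid, dport, address, ttl):
        p = self.pending.get(qname)
        if p is None:
            return False  # unsolicited: nothing outstanding for this name
        if (src, txid, dport) != (p.server, p.txid, p.sport):
            p.rejected += 1
            if p.rejected == self.alert_after:
                self.alerts.append(qname)  # burst of mismatched replies
            return False
        # Matching fields are the only proof of origin without DNSSEC validation.
        self.cache[qname] = (address, now + ttl)
        del self.pending[qname]
        return True

    def lookup(self, now, qname):
        address, expiry = self.cache.get(qname, (None, 0))
        return address if now < expiry else None

def demo():  # constructed events; all addresses are documentation ranges
    r = Resolver()
    name, auth = "www.example.com", "192.0.2.53"
    r.send_query(name, auth, txid=0x1A2B, sport=53124)
    for guess in (0x0001, 0x0002, 0x0003):  # replies with wrong transaction IDs
        r.on_response(0, name, auth, guess, 53124, "203.0.113.66", 3600)
    # A falsified reply whose fields all match is indistinguishable from a real one.
    accepted = r.on_response(0, name, auth, 0x1A2B, 53124, "203.0.113.66", 3600)
    late_real = r.on_response(1, name, auth, 0x1A2B, 53124, "198.51.100.10", 300)
    return accepted, late_real, r.lookup(3599, name), r.lookup(3600, name), r.alerts

if __name__ == "__main__":
    print(demo())
```

The falsified address is served for the full TTL and the genuine reply that arrives afterwards is dropped as unsolicited; the mismatch counter is the only signal this model gives a defender, which is the gap DNSSEC signature validation closes.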